From the Office of the Privacy Commissioner of Canada, this announcement on September 17:
The Office of the Privacy Commissioner of Canada (OPC) is inviting public feedback on draft guidance to help businesses comply with new mandatory breach reporting requirements under the federal private sector privacy law.
Amendments to the Personal Information Protection and Electronic Documents Act (PIPEDA) to create new provisions requiring organizations to report breaches of security safeguards will come into force November 1, 2018. Prior to coming into force, Innovation, Science, and Economic Development undertook two public consultations and the final regulations were published in the Canada Gazette in April 2018.
The OPC has developed guidance and a breach reporting form to help organizations meet their new obligations under the law.
Interested stakeholders are invited to provide their comments by October 2, 2018.